[fedora-virt] libvirt and iptables rules added

philippe.marcovici at free.fr philippe.marcovici at free.fr
Thu Jun 25 15:08:22 UTC 2009


My iptables rules are not permissives. For exemple, my default iptables's rules are DROP.
libvirt inserts some  iptables's rules. But, because my rules are not permissives, some DROP are generated.

I fix it with a script, but i am looking for an automatization.

I saw an directory named iptables with sub-directories named nat and filter in /var/lib/libvirt (all empty) :

# ls -r /var/lib/libvirt/iptables
nat  filter

My questions, in this context, are :
- Can i use this directories to put some iptables rules who will be loaded and unloaded with libvirtd ?
- If yes, how i must set them ?
- If no, any others solutions ?


More information about the Fedora-virt mailing list